add cloudflared charts

clusters/cl01tl/applications/vikunja/Chart.yaml

@@ -13,14 +13,14 @@ dependencies:
   - name: redis
     version: 19.5.0
     repository: https://charts.bitnami.com/bitnami
-  - name: app-template
+  - name: cloudflared
     alias: cloudflared-api
-    repository: https://bjw-s.github.io/helm-charts/
+    repository: http://alexlebens.github.io/helm-charts
-    version: 3.2.1
+    version: 1.0.0
-  - name: app-template
+  - name: cloudflared
     alias: cloudflared-front
-    repository: https://bjw-s.github.io/helm-charts/
+    repository: http://alexlebens.github.io/helm-charts
-    version: 3.2.1
+    version: 1.0.0    
   - name: postgres-cluster
     alias: postgres-16-cluster
     version: 3.1.0

clusters/cl01tl/applications/vikunja/templates/external-secret.yaml

@@ -29,6 +29,56 @@ spec:
         metadataPolicy: None
         property: redis-password
 
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: vikunja-cloudflared-front-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: vikunja-cloudflared-front-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: cf-tunnel-token
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cloudflare/tunnels/vikunja
+        metadataPolicy: None
+        property: token
+
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: vikunja-cloudflared-api-secret
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/name: vikunja-cloudflared-api-secret
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion }}
+    app.kubernetes.io/component: web
+    app.kubernetes.io/part-of: {{ .Release.Name }}
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: cf-tunnel-token
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /cloudflare/tunnels/vikunja-api
+        metadataPolicy: None
+        property: token
+
 ---
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret

clusters/cl01tl/applications/vikunja/values.yaml

@@ -73,63 +73,12 @@ redis:
     existingSecret: vikunja-config-secret
     existingSecretPasswordKey: redis-password
 cloudflared-api:
-  global:
+  name: cloudflared-api
-    nameOverride: cloudflared-api
+  existingSecretName: vikunja-cloudflared-api-secret
-  controllers:
-    main:
-      type: deployment
-      strategy: Recreate
-      containers:
-        main:
-          image:
-            repository: cloudflare/cloudflared
-            tag: "2024.5.0"
-            pullPolicy: IfNotPresent
-          args:
-            - tunnel
-            - --no-autoupdate
-            - run
-            - --token
-            - $(CF_MANAGED_TUNNEL_TOKEN)
-          env:
-            - name: CF_MANAGED_TUNNEL_TOKEN
-              valueFrom:
-                secretKeyRef:
-                  name: vikunja-api-cloudflared-secret
-                  key: cf-tunnel-token
-          resources:
-            requests:
-              cpu: 100m
-              memory: 128Mi
 cloudflared-front:
-  global:
+  name: cloudflared-front
-    nameOverride: cloudflared-front
+  existingSecretName: vikunja-cloudflared-front-secret  
-  controllers:
+
-    main:
-      type: deployment
-      strategy: Recreate
-      containers:
-        main:
-          image:
-            repository: cloudflare/cloudflared
-            tag: "2024.5.0"
-            pullPolicy: IfNotPresent
-          args:
-            - tunnel
-            - --no-autoupdate
-            - run
-            - --token
-            - $(CF_MANAGED_TUNNEL_TOKEN)
-          env:
-            - name: CF_MANAGED_TUNNEL_TOKEN
-              valueFrom:
-                secretKeyRef:
-                  name: vikunja-front-cloudflared-secret
-                  key: cf-tunnel-token
-          resources:
-            requests:
-              cpu: 100m
-              memory: 128Mi              
 postgres-16-cluster:
   mode: standalone
   kubernetesClusterName: cl01tl